Lucene search
GoogleOSV:CVE-2020-36242HistoryFeb 07, 2021 - 8:15 p.m.
CVE-2020-36242
2021-02-0720:15:12
Google
osv.dev
10
0.008 Low
EPSS
Percentile
82.3%
In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class.
References
github.com/pyca/cryptography/blob/master/CHANGELOG.rst
github.com/pyca/cryptography/compare/3.3.1...3.3.2
github.com/pyca/cryptography/issues/5615
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L7RGQLK4J5ZQFRLKCHVVG6BKZTUQMG7E/
www.oracle.com/security-alerts/cpuapr2022.html
www.oracle.com/security-alerts/cpujul2022.html
Related
nessus
nessus
openSUSE Security Update : python-cryptography (openSUSE-2021-349)
2021-03-01 00:00:00
EulerOS 2.0 SP9 : python-cryptography (EulerOS-SA-2021-2278)
2021-08-09 00:00:00
Photon OS 4.0: Python3 PHSA-2021-4.0-0027
2021-05-21 00:00:00
veracode
veracode
Denial Of Service (DoS)
2021-02-08 06:02:38
cbl_mariner
cbl_mariner
CVE-2020-36242 affecting package python-cryptography 2.3.1-4
2021-03-03 03:44:07
openvas
openvas
debiancve
debiancve
CVE-2020-36242
2021-02-07 20:15:12
fedora
fedora
[SECURITY] Fedora 33 Update: python-cryptography-3.2.1-2.fc33
2021-02-12 01:44:24
osv
osv
PyCA Cryptography symmetrically encrypting large values can lead to integer overflow
2021-02-10 01:32:27
PYSEC-2021-63
2021-02-07 20:15:00
Moderate: python-cryptography security, bug fix, and enhancement update
2021-05-18 05:38:36
cve
cve
CVE-2020-36242
2021-02-07 20:15:12
alpinelinux
alpinelinux
CVE-2020-36242
2021-02-07 20:15:12
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2021-1.0-0400
2021-06-08 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2021-2.0-0347
2021-05-19 00:00:00
Critical Photon OS Security Update - PHSA-2021-0027
2021-05-18 00:00:00
ubuntucve
ubuntucve
CVE-2020-36242
2021-02-07 00:00:00
suse
suse
Security update for python-cryptography (important)
2021-02-26 00:00:00
mageia
mageia
Updated python-cryptography package fixes a security vulnerability
2021-03-12 04:25:47
ibm
ibm
prion
prion
Integer overflow
2021-02-07 20:15:00
nvd
nvd
CVE-2020-36242
2021-02-07 20:15:12
archlinux
archlinux
[ASA-202102-36] python-cryptography: incorrect calculation
2021-02-27 00:00:00
github
github
cvelist
cvelist
CVE-2020-36242
2021-02-07 19:50:57
almalinux
almalinux
Moderate: python-cryptography security, bug fix, and enhancement update
2021-05-18 05:38:36
hackerone
hackerone
Internet Bug Bounty: Integer overflow in CipherUpdate
2021-02-27 21:14:37
redhat
redhat
oraclelinux
oraclelinux
python-cryptography security, bug fix, and enhancement update
2021-05-25 00:00:00
rocky
rocky
python-cryptography security, bug fix, and enhancement update
2021-05-18 05:38:36
redhatcve
redhatcve
CVE-2020-36242
2021-02-08 13:33:48
redos
redos
ROS-20230620-06
2023-06-20 00:00:00
gentoo
gentoo
cryptography: Multiple Vulnerabilities
2024-07-01 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1957
2021-07-02 18:03:40
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00